package com.juzipi.demo.realm;


import com.juzipi.demo.service.UsersService;
import com.juzipi.demo.shiro.JWTToken;
import com.juzipi.demo.utils.JwtUtil;
import com.juzipi.demo.vo.UserBO;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.LinkedHashSet;

@Component
public class CustomerRealm extends AuthorizingRealm {


    @Autowired
    private UsersService usersService;
//    @Autowired
//    private RedisUtil redisUtil;


    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof JWTToken;
    }

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("================>执行了授权");
        //获取到登陆的token
        String token = principalCollection.toString();
        //获取到用户名
        String username = JwtUtil.getUsername(token);
        UserBO userBO = usersService.checkUser(username);

//        //优化一下写法吧
//        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
//        simpleAuthorizationInfo.addRole(userBO.getRole());
//        simpleAuthorizationInfo.addStringPermission(userBO.getPermission());

        //用户的角色信息
//        String role = userBO.getRole();
        //用户的权限信息
//        String permission = userBO.getPermission();
        //设置 当前用户查询到的已有的角色权限信息
        LinkedHashSet<String> setRole = new LinkedHashSet<>();
        setRole.add(userBO.getRole());
        LinkedHashSet<String> setPermission = new LinkedHashSet<>();
        setPermission.add(userBO.getPermission());

        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setRoles(setRole);
        simpleAuthorizationInfo.setStringPermissions(setPermission);


        return simpleAuthorizationInfo;
    }



    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("================>执行了认证");
        //获取token
        String token = (String) authenticationToken.getCredentials();
        if (StringUtils.isBlank(token)){
            throw new AuthenticationException("token为空");
        }
        String username = JwtUtil.getUsername(token);
        //查出用户的所有信息
        UserBO userBO = usersService.checkUser(username);
        if (com.baomidou.mybatisplus.core.toolkit.StringUtils.checkValNull(userBO)){
            throw new AuthenticationException("用户不存在");
        }
        Boolean ban = userBO.getBan();
        if (!ban){
            throw new AuthenticationException("用户已被禁用");
        }
        return new SimpleAuthenticationInfo(token,token,getName());

    }

}
